In late June, Health and Human Services Secretary Robert F. Kennedy Jr. announced that he plans to launch a campaign to incentivize Americans to use wearable health tracking devices.
Health-tracking devices — including watches, rings and bands — can offer real benefits. They can help you stay accountable to your health goals, alert you if you’re overexerting during a workout and even support stress management, period tracking and sleep monitoring.
However, the announcement sparked privacy concerns, even among Make America Healthy Again supporters, raising the question: Can the government track your health data?
When you go to the doctor, your medical information is kept private under the Health Insurance Portability and Accountability Act (HIPAA), but smartwatches, rings and other health-tracking apps and websites aren’t obligated to keep your health data confidential.
“When states or other entities begin subpoenaing health app records, especially in sensitive contexts, it exposes a dangerous gap in our data governance,” says Clyde Williamson, a senior product security architect at Protegrity. “These apps weren’t built with legal scrutiny in mind, and users rarely understand how much of their personal data is stored, shared or sold. The problem isn’t just technical, it’s ethical.”
Here’s what you need to know about the data health tracking apps collect and how you can keep your personal data private.
What Data Do Apps and Wearables Collect?
It depends on the type of device you’re using, plus why you’re using it — and there’s no shortage of health apps you can be using.
There are more than 350,000 health apps available today that collect a wide spectrum of data, depending on the primary function of the wearable device or app.
“These data typically range from personal sociodemographic information, such as name, date of birth, email and home address, to specific health data that is relevant to the user’s interactions with the app,” says Ritu Agarwal, a distinguished professor of information systems and health at the Johns Hopkins Carey Business School.
Here are the main categories of health-tracking apps currently available:
Fitness watches
Wearable fitness trackers, like the Apple Watch and Garmin watches, are perhaps the most sophisticated of the bunch. They capture data such as:
— Calories burned
— Heart rate
— VO2 max (maximal oxygen uptake)
Fitness tools often utilize built-in device sensors, such as GPS to track location and accelerometers to track movement.
Sometimes, these watches can capture sensitive details, such as your race or pregnancy status, which can be shared with third parties, Williamson adds.
“Most fitness apps use an LED sensor technology for various vital sign monitoring,” says Dr. Debra Patt, an expert in health care informatics and digital health adoption and the executive vice president at Texas Oncology. “It works by using photoplethysmography (PPG) to detect heart rate and other vital signs.”
Mental health apps
Mental health apps, like Calm and Headspace, collect self-reported information based on what you share with them via their unique check-in features, including:
— Activity levels
— Journal entries
Period tracking apps
Some apps, like Clue, can help you stay on top of your menstrual cycle, but they require you to self-log information about when you begin menstruating. These apps can:
— Help predict when your next period will arrive
— Notify you if your period is late
— Provide ovulation information
— Record sexual activity
— Log pregnancy symptoms
“Period tracking apps may also sync with wearables or health platforms to supplement manually entered data,” Williamson says.
Sleep and general wellness trackers
Many fitness watches track sleep if you wear them to bed. Other wearables, like the Oura ring and Whoop fitness tracker, often provide the following information:
— Recovery
— Sleep stages, such as rapid eye movement (REM) sleep versus light sleep
— Sleep score
— Heart rate
— Skin temperature fluctuations
— Electrocardiogram (ECG) readings
Glucose monitoring apps
Those with diabetes can benefit from monitoring their glucose levels around the clock, and often these devices come with their own app where you can watch how it ebbs and flows throughout the day.
Alternatively, you can sync up data from your device to other diabetes apps like mySugr and Glucose Buddy.
These apps can:
— Identify spikes and dips in blood glucose levels
— Record and keep track of insulin doses
— Track food intake
— Track medication timing and doses
— Record exercise
— Provide estimated A1C levels
— Measure electrolyte levels
“Based on the algorithms built into the app, these apps can message the user if their readings are out of range or suggest specific actions related to diet and exercise (to help balance levels),” Agarwal says.
How to Know Which Apps to Trust
Experts say it is truly tough to know as a consumer which apps to trust, given how many apps are now available and how prominent AI is becoming in health care practices.
“Trusting a health tracking app starts with understanding how it treats your data,” Williamson says. “You want to look for apps that are transparent about what they collect, how they store it and who they share it with. If an app doesn’t clearly explain its privacy practices or gives you little control over your own information, that’s a red flag.”
Here are a few tips to follow to help ensure the app or device you’re using isn’t sharing your data without your knowledge.
1. Research the reputation of the company
Read customer reviews and search for positive coverage from media outlets. If there isn’t much, or worse, if there are negative reviews or complaints, it’s best to skip.
Also, look for additional third-party quality stamps. For example, if the app is recommended or endorsed by a professional association, such as the American Diabetes Association (ADA), those are often good signs that the app or device is reputable.
2. Read the privacy policy ahead of time
Before downloading an app and syncing up your device to it, make sure you read the fine print.
“The best apps build security into their design from day one, what we call ‘privacy by design,’ and they give users meaningful choices,” Williamson says. “This involves utilizing local data storage options, implementing encryption and ensuring transparent consent mechanisms.”
Review the privacy policy to see if it shares the following information:
— Data protection mechanisms
— Revocation of consent
— Length of data storage
— The rights you have over the sharing of your data (versus those of the company)
3. Inquire about medical expertise
Before you take advice from an app or device that has your personal health information, it’s wise to know who’s doling out this health advice.
“I would look very carefully at the development and company team — ask yourself how credentialed and credible is it,” Agarwal says.
For example, Agarwal says diabetes apps should include a team of endocrinologists. Similarly, fitness apps should have leaders with credible certifications like ASME, and mental health apps should not only involve psychiatrists but also behavioral science researchers.
How to Protect Personal Data
Given the current political landscape and abundance of apps and wearables, it’s best to take the protection of your data into your own hands. The best way to do this? Actually, there are several.
1. Make sure they are covered by HIPAA regulations
HIPAA establishes clear regulations for the use and protection of health information.
“If an app or service is HIPAA-compliant, it means your data is protected by federal law. But here’s the catch: Most consumer health apps aren’t covered,” Williamson says. “So, before you start logging sensitive information, check whether the provider is bound by HIPAA.”
Otherwise, you may be sharing your data with no legal safety net.
2. Avoid linking multiple health platforms (unless necessary)
Devices and apps can share your data with other apps through third-party data sharing. An example of this is when people link their Garmin Connect account to their Strava account.
“This can help the app customize the ads that you are shown while using it by integrating data about online activities across different sites and apps,” Agarwal says.
But at the same time, this means more platforms have your health data.
3. Choose local storage when possible
Choose apps that let you store your data directly on your phone, which is known as local storage.
“That means fewer chances for your information to be intercepted, sold or leaked,” Williamson says. “If privacy is a top concern, look for apps that offer local-only storage or at least give you the option to opt out of cloud-syncing.”
4. Turn off location services
When you’re using an app to record your diet, for example, you don’t need to give the app your location. You can make sure you’re not sharing information like this by visiting your settings and checking what information you’ve given the app permission to access.
“Limit the app’s permissions,” says France Belanger, a University Distinguished Professor at Virginia Tech. “For example, some features require location services to be on, like when tracking the length of a run, but others don’t.”
5. Revisit your apps’ permissions regularly
When you first download or install an app on your phone, it will ask for things like your location and contacts. You have the option to deny that right from the get-go, or if you choose to allow those options, you can always go back and change that.
“Don’t just tap, ‘allow all.’ Take a moment to read what it’s asking for and why,” Williamson says. “And once a month, go back into your settings and see what’s still turned on. You’d be surprised how many apps keep listening long after you stop using them.”
In general, stay vigilant about what you share and for how long.
“When possible, only share what’s necessary,” Belanger says.
6. Make sure security features on your smart device are turned on
You can do this by connecting through a virtual private network (VPN) when on public Wi-Fi, or by using your own hotspot when the public network is “unsecure.” You can also use third-party cookie blockers to enhance your privacy and prevent websites or apps from tracking your browsing activity.
Also, choose a strong password or PIN to enter your device so it’s difficult to hack.
“Your data that’s sent and stored on the app providers’ sites are only as safe as their site, but at least you can protect the local data,” Belanger says.
7. Delete logs of collected data
“Because we share so much data over time, consider doing a regular cleaning of data,” Belanger says.
This could be monthly, quarterly or even yearly, depending on what you have capacity for. The goal is to delete your collected data stored in your history.
“If available, use an auto-delete feature every 30 days,” Belanger says.
If your device doesn’t offer that feature, you can set a reminder on your phone to manually do it yourself.
Bottom Line
Health-tracking apps and devices can offer insights into your overall health and well-being. However, some of these tools may be sharing your data with other companies and potentially the government.
Taking the time to read through the privacy policy before you download an app is just one way you can protect your health information.
In addition, storing your data directly on your phone versus the cloud can help ensure your private information isn’t leaked.
How to Protect Your Data When Using Health Tracking Apps originally appeared on usnews.com
Correction 08/29/25: A previous version of this story incorrectly included the American Medical Association, which does not endorse apps.